Tuesday, August 9, 2011

935. Randy tries his Craigslist list humor again, this time visiting Missed Connections! This time around he doesn't get the formatting or the spirit correctly--at least with his "house for rent" one they were semi-plausible titles for posts. Missed Connections posts never follow the format he's suggesting.

I could go through each of the jokes in his shotgun humor, but instead I'll just say this: why the fuck is Babe Ruth a Time Lord?

936. This isn't a joke. This is Randy complaining that longer passwords are harder to crack. Personally, all of my passwords are from the "dreamers often lie" conversation in Romeo and Juliet, and to this date I've never had anyone crack them.

Since there is no joke here, there's really no joke to review. But the alt text is notable for its unbridled smugness. Here is what esteemed city "Ann Apolis" had to say, on IRC: "You understand. Other people don't. Aren't they /stupid/? I'm sorry for you."

Why does the program get to keep guessing the password without the system triggering the "three strikes and the account is completely locked" policy that is so common? This could be handy for reading my crush's email to find out if she likes me or not.

936 is complete bullshit. All modern "password crackers", even complete brute-force methods, utilize dictionaries and combinations of common words before attempting every possible character combination.

99% of people only have to worry about making passwords safe from other humans, not from machines.

@Anon 11:20 PM:Correct, most hackers would use dictionary attacks and "combinations of common words". But you won't find "correct horse battery staple" in any dictionary nor do I think that "staple" could be considered a "common word". What you also seem to miss is the fact that a space counts as a special character. So a hacker would have to take that into account as well. (there goes the "combination of common words". It's useless if you add special characters like a space or a '_' or even a '-' )

So, before you diss something as being "complete bullshit" you should make perfectly sure you know what you are talking about. And also you might want to read this article: http://www.baekdal.com/tips/password-security-usabilityAnd also be sure to check out the two links on top of that article.

@3:50Any segment of a password that is made up of a word found in a dictionary is something that will caused it to be cracked faster by some of the more common brute forcing programs. Yes, special characters would need to be taken into account. They are.

That's not to say that the first password is ideal or the second is especially vulnerable, but Randall's attempt to quantify the length to crack it is extremely misleading. Correcthorsebatterystaple is more vulnerable (relative to its length) than Tr0ub4dor&3 is, vs some common password crackers. The main advantage it has for it, is just the fact that it's longer.

2^(44/4) = 2000, so Randall assumed a dictionary attack with a dictionary of two thousand words. The dictionary on my computer has two hundred thousand words, so 44 bits for four words is a safe lower bound.

I don't. Fucking wogs stealing tvs and psps while the white man suffers.

We ought to call martial law on those bastards - bring in the royal regiment too - and give them the order to fire indiscriminately until the rioters disperse or there are no niggers left in England, whichever comes first.

The word is spelled 'license' in the part of the Anglosphere inhabited by Yankee and some Canadian cunts. The Queen's English dictates that the word be spelt 'licence' everywhere else where true literacy is embraced.

ALTF, consider (i) that the only sort of Peerage which cannot exist through a whole life is that of a Life Peer, as it is not inherited; (ii) that a Peer, not being a commoner, has the fewest peers of all. A Life Peer self-contradicts just by being.

But recall that the Hypocritical variant of English, being the Anglo-Saxon rather than Indian sort, always uses "excuse" in two senses. And Baroness Token is using the English of her country rather than of her parents.

Prime ministers get a tab and a paycheck. For a national leader to skim a relatively miniscule amount off the budget is illegal and despicable, but it's not very much in the grand scheme of things, and it won't ruin anyone's livelihood.

Bribery isn't stealing either, as one party is willingly giving their money to the other. It's a two-sided exchange.

Same with the banker - life is about making money. And making money is largely parting fools from their money. There's a difference between making a profit in a capitalistic system and stealing outright. After all, the investors agreed to the deal, while I doubt that your hypothetical shop owner did.

But stealing - stealing's stealing, it's a world apart. The impersonal 'shop window' that you're stealing your television from is owned, managed and staffed by real people. All of those people are going to be influenced very negatively by your crime. For example, the Sony distribution centre which the hoodlums burned down employed 800 locals! Now they're out of a job, with niche or negligent skills, in a downturned economy. And this happening not just in one place, but all over London - well, it's sheer malevolence, and it's nothing that should ever occur in a civilised state.

Imagine, if only we had kept immigration levels at their 1900s levels - Britain might still be 'Empress of the World'!

Capitalism produces so many inefficiences. Centralised control of the means of production was once difficult but now occurs anyway thanks to modern computing power. The difference is that corporations have no democratic oversight to ensure their interests remain aligned with those of the people.

What I am really saying is: imagine if all the rioters would cooperate and reroute their misplaced anger toward xkcd. Just, you know, turn up at Randy's house and politely ask him to stop with this silly comic. I mean... that would be beautiful, man.

"Any segment of a password that is made up of a word found in a dictionary is something that will caused it to be cracked faster by some of the more common brute forcing programs."

The only thing a cracker knows if the password was correct or not. Even if he guessed every single character except for the last one correctly he won't know how close he actually was, since the only response he gets from a server would be "wrong password".

So, even if I chose my password to be: "This is my password. It only contains common and simple words." it would be incredibly hard to crack, since it's so long even though I'm sure all of the words are even in the smallest dictionaries.

"Correcthorsebatterystaple is more vulnerable (relative to its length) than Tr0ub4dor&3 is, vs some common password crackers"

A password like Tr0ub4dor&3 is hard to remember. At least harder to remember than "correcthorsebatterystaple", which is the whole reason of the "chose 3+ simple words as a password" argument. It's no use to chose incredibly complex passwords if you cannot remember them and end up writing them down instead.

Also, "correcthorsebatterystaple" would be harder to crack BECAUSE of it's length! Have a look at this site:https://www.grc.com/haystack.htmand try it out yourself. (Yes, I know this is NOT a "password strength meter").

So, my whole point is: "correcthorsebatterystaple" is just as good (if not even better) as a password like "Tr0ub4dor&3".

@2:21: Assuming you have the database of hashed passwords and depending on hash used, it may be possible to tell whether you are "close".

As to whether long lists of words or short lists of letters+symbols are harder to remember, that depends entirely on the individual. One of the most significant failings of self-appointed nerds is to assume everyone thinks (and feels?) like them. I have a good memory but the whole image association thing does nothing for me - my mind is an interconnected web of ideas and symbols. FWIW, I am a mathematician by training.

It's trivially true that a longer password is better than a password taken from a slightly larger character set - x^y increases faster with y than x. That's all Randy had to say.

But if it became standard to use strings of words, word-string password crackers would just become stronger as people analysed popular combinations. Perhaps, say, thousands of people will be found to choose particular famous film/book quotes. This could be matched with age/gender - maybe the headline quote of a teen chick flick will be appropriate for getting into the average teenage girl's account? I hear computers are great tools for examining a lot of data and answering these questions :-).

"Assuming you have the database of hashed passwords and depending on hash used, it may be possible to tell whether you are 'close'."

I'd like an explanation on that one. I had to write a program once to brute force a password when you already have the hashed value and I still had to take each combination of characters, hash it (SHA), and see if it matched (I used multiple threads to make it faster), because every password hashes to something completely different from the one before it. There's no way to tell if you're getting close or not, at least with that hashing algorithm.

@cptnoremac: LanMan hashing is a very simple example: long passwords are split up into two chunks so you'll know if you got the first or second half of a long password correct. Moreover since each chunk is only 7 bytes long without substantial salt (even older Unix 12-bit salt is insufficient vs modern storage capacity) it's trivial to simply generate a list of every possible password hash / rainbow tables.

The problem with long passwords is that they're long, which means you have to take more time to type them, which is annoying. On the other hand, once you remember your password is h9jk9kkmA you can hammer that out pretty quickly each time.

@9:15: Hitler cooperated with the strong Jews to kill off the weak Jews, and now they control the media which oppresses the masses and causes them to occasionally make weak, desperate attempts at fighting back.

@935I havent even read the comic and im /already/ laughing (or giggling quietly to myself, as it happens) Perhaps you lack the appropriate education and/or skills to understand it?I would suggest evening courses at your local tech enrichment center. It has done wonders for my appreciation of the fine arts and my bothersome complexion. Thank you for listening.

Re: 937According to the app description, it is not supposed to warn you about a tornado, but rather inform you when there is a tornado warning for your area, which is a hazardous weather advisory put out the government. If your area has a tornado but no tornado warning has been issued, the app can't do anything about that. I wonder what this particular reviewer's situation was, given that they say "app did not warn me about tornado" rather than "app did not inform me of tornado warning." Sometimes tornadoes develop so quickly that there is no warning.

@LostinSpace Tornadoes certainly can develop before a warning is issued. Sighting an actual funnel is one of the conditions that leads to upgrading a "Tornado watch" to a "Tornado warning". Too bad for the people right where that funnel first appears. The app might be more useful if it reported tornado watches, but I don't have much sympathy for people who are so glued to their phones they can't even look out the window. It's usually pretty hard to ignore the weather when a severe weather advisory is in effect, let alone when the advisory gets upgraded to a tornado watch/warning.

Of course, the app is of pretty limited utility anyway. In "urbanized" areas in tornado country, even the smallest towns have tornado sirens, and in more rural areas, you might not have cell coverage.

I've always thought of "fire" as a one-syllable word, even though most treat it as two (fi-yer). It's probably because it's hard to go from the long "I" sound to the "R" sound smoothly. Compare to "fare," which is agreeably monosyllabic.

But I don't think anyone pronounces "real" like "ree-yal". Well, except those black preachers who need four syllables to say "lord."

I look at her post up there with the phrase "intercalated lexeme". I think to myself: why has she used the words "intercalated" and "lexeme"? I can understand people not having the time to cut the chaff when they make a post, but needlessly typing long words... maybe there is some meaning to these words conveying something subtle or specific about language?

So I consult regular dictionaries. I consult grammar dictionaries and books on English usage. 90 seconds later, still stumped, I even consult Wikipedia.

I conclude that there was absolutely no benefit in using those words. It was pure pomposity, the insecure ego of a 12 year old boy who can't resist showing his first pube to the class.

Why would I like all this? For the same reason Rob likes criticising xkcd, I guess.

"By 'chaff cutter' are you referring to my predilection for choosing sexual partners who autotomise during copulation thereby creating a 'mating plug' which I retrieve and add to my growing collection?"

Suggesting that men are so dismayed by her sexual fervor that their cocks drop off in self-defense.

"Ask your partner if he has a pair of wellies with the built-in sheep's hind-hoof adapter."

Suggesting that 9:47's partner fucks sheep so regularly that he has specially-designed boots for it.

ALTF, the point is that your comment makes no sense if you capitalise "Lingua Franca". You can claim that people don't understand or aren't as smart as you or something, but it would be much easier if you just typed, "I, ALTF, let go of my Internet ego and apologise that I made a mistake while trying to sound like a smartass."

It's one step away from Randy's sly corrections.

If English is your fourth language, as you claim - though I notice your shying away from a conversation in Spanish after you offered it and someone responded - you would surely benefit from actually listening to people rather than continuing the "I'm smarter than everyone else" behaviour which only ever gets you so far in life. It worked well for me too up to postgraduate life when I met other people equally smart and learnt to accept it.

@1:35: I've been on the Internet 16 years. She tries way too hard for a troll - have you seen how much she posts? She also makes fairly obscure mistakes which suggest she has a good but not excellent grasp of the language: most people wouldn't even notice them, let alone correct them.

I hope for her own sake that she's just a lonely but fairly intelligent English learner who thinks xkcd sucks (which is why I have corrected her above to encourage her to come out of her shell and act normally) rather than a poor troll who needs to post longwinded blabber every day to elicit a response.

Pronounced with two syllables and to rhyme with the word 'silly'.I'm in a 'sound like a Yankee cunt' mood.I am a fucking dumb bitch. The word 'fucking' is to be understood as both an adjective and a verb so you must read the phrase twice for the full impact.

@ Anonymous 1:20 PM,

".....ALTF, the point is that your comment makes no sense if you capitalise "Lingua Franca"....."

You do not appear to be particularly thick, perhaps you are just not trying hard enough.

"...."I'm smarter than everyone else" behaviour which only ever gets you so far in life....."

See my above comment.It also helps that I am very attractive and, thanks to BP, wealthy beyond avarice.

@ Anonymous 1:44 PM,

I trawl. I do not troll - my singing voice is grating at best. And 'long-winded' is two words.

".....I hope for her own sake that she's just a lonely but fairly intelligent English learner...."

And for your own sake, what do you hope?

"....who thinks xkcd sucks....."

Au contraire, stugots! I've no thoughts about that silly and harmless comic. If you've monitored my word salads o'er the last six months or so you will have noticed that I have never commented on the comic.

@Anon 1:49: She'd get more consistent and accurate feedback by just asking nicely. I've bumped into so many insecure trolls who just want help/advice but are unwilling to ask for it so instead put on an inefficient front.

@ALTF 1:49: Perhaps you are just being too obscure. Any man can claim anything makes sense if interpreted in a sufficiently outlandish way. If no-one understands but the speaker, the fault in communication likely lies with the speaker. Is this not part of basic training?

(FWIW, I wouldn't put too much value on the wealth bestowed upon you by an old man who treats you as an intelligent pet. The less pleasant men in my family have treated pretty and sophisticated young women the same way and it's not always ended well. You know more about your relationship than I do, of course.)

@ALTF2:07: The first time I ever saw your name online it was making some comment about xkcd. Might have been more than six months ago, though, and might not even have been on xkcdsucks.

For my own sake, I expect to take nothing from here but a giggle or two at the expense of Randall Munroe. The quantity of posts from you suggests that you have more invested in this forum, which is why I'm offering you a friendly hand.

2:25, we're all here to enjoy ourselves - like Rob said, people are here to criticise xkcd because they like to do so and find it funny to point out how awfully silly and/or wrong Randall can be.

But Randall has hordes of admirers and an income from his few minutes a day of sillliness. ALTF, meanwhile, appears to spend far more time on a similar activity without the return, frequently going on the defensive. I'm not telling her what to do, just pointing out that she won't lose e-points if she lets her hair down a bit.

At the end of this conversation I'll be gone a while, but when I return a few days later I know there'll be dozens of posts from her each day met with derision. She's every right to want only that, but is that really all she wants?

Rob don't write a new post yet because I don't want people to miss this: Randy explained 936 on Metafilter! http://ask.metafilter.com/193052/Oh-Randall-you-do-confound-me-so#2779020. It seems that maybe he read the Wikipedia article on Information Theory last week and not the day of the comic, as suggested earlier.

I thought you were pretending to be in the US? Or are you in England again?---She pretends to be a British subject and a real purveyor of "the Queen's English" and all that bull, but her IP indicates her to be living in International Falls, Minnesota. A village of 6,000 on the Canadian border. For entertainment it's got only a small college nearby (where I assume she studies) and a yearly parade so it's no wonder she spends all her time 'trawling' here.

Slooooowly I turned. Step by step, pace by pace. I got closer and closer until I could see the very whites of the scoundrel's eyes. Then I THUMPED him and SLAPPED him and TORE his shirt. I BLACKED his eye and KNOCKED him over, I PICKED HIM UP and KNOCKED him over again.

She was one of a few who visited a honeytrap forum I posted a while back. As admin I easily obtained her IP address allowing me to locate her position. Not that I plan to do anything with it, but still

ALTF is the new xkcd: regular output; each oeuvre adopting a subset of a very limited list of characteristics; emission unchanged despite the torrent of criticism; the occasional defender who needs beating down.

ALTF: An xkcdsucks doctor of Myanmar, Canadian sugardaddies, cunts, and verbal diarrhoea.

Warning: this poster occasionally uses long words (which may be unsuitable), weak humor (which may be incorrigible), and advanced linguistics (which aren't quite up to the standards of liberal-arts majors).

You could repeat what 2:25 said, Pirate, but it wouldn't be relevant. It's not about trying to give people a bad time. It's just the listless sort of pleasure that comes from poking a squeaky toy and listening to the sound that comes out. When people are really upset it spoils the mood, and they end up dragging the particular point of contention well beyond its expiration date.

ALTF has a real way with trying to sound witty but without telling any jokes. Is ALTF capable of discussion, or is every comment a brush-off of the previous commenter? Could ALTF stay on topic without acknowledging doing so?

Dearest Aquarians Love To Fuck,Might I enquire where a mere neophyte of the school of lettering could find your particular dictionary and thesaurus combination? I hear that it aids tremendously in channelling mere verbosity to the unique utility of the creation of blandly sesquipedalian articles, and that it is of use to any advocate of overly middle-class and prescriptive grammatical codices, such as those found in proliferation amongst the gentry of the middle Georgian era, who is inclined to proselytising.

I also hear that said reference contains a controversial alteration to the entry 'lettered', defining that word as having the meaning: 'dull, pretentious, lacking in urbanity'.

Please respond soon; I am eager, moist, and red-faced with anticipation for such information as may lead to the acquirement of this long-coveted tome.

What the hell is this?

Welcome. This is a website called XKCD SUCKS which is about the webcomic xkcd and why we think it sucks. My name is Carl and I used to write about it all the time, then I stopped because I went insane, and now other people write about it all the time. I forget their names. The posts still seem to be coming regularly, but many of the structural elements - like all the stuff in this lefthand pane - are a bit outdated. What can I say? Insane, etc.

I started this site because it had been clear to me for a while that xkcd is no longer a great webcomic (though it once was). Alas, many of its fans are too caught up in the faux-nerd culture that xkcd is a part of, and can't bring themselves to admit that the comic, at this point, is terrible. While I still like a new comic on occasion, I feel that more and more of them need the Iron Finger of Mockery knowingly pointed at them. This used to be called "XKCD: Overrated", but then it fell from just being overrated to being just horrible. Thus, xkcd sucks.

Here is a comic about me that Ann made. It is my favorite thing in the world.

Frequently Asked Questions

Divided into two convenient categories, based on whether you think this website

Rob's Rants

When he's not flipping a shit over prescriptivist and descriptivist uses of language, xkcdsucks' very own Rob likes writing long blocks of text about specific subjects. Here are some of his excellent refutations of common responses to this site. Think of them as a sort of in-depth FAQ, for people inclined to disagree with this site.